minor bug fixes and linting (#274)

applications/jupyter/main.tf

@@ -80,19 +80,19 @@ module "jupyterhub" {
   autopilot_cluster                 = data.google_container_cluster.default.enable_autopilot
 
   # IAP Auth parameters
-  add_auth                  = var.add_auth
-  brand                     = var.brand
-  support_email             = var.support_email
-  client_id                 = var.client_id
-  client_secret             = var.client_secret
-  k8s_ingress_name          = var.k8s_ingress_name
-  k8s_managed_cert_name     = var.k8s_managed_cert_name
-  k8s_iap_secret_name       = var.k8s_iap_secret_name
-  k8s_backend_config_name   = var.k8s_backend_config_name
-  k8s_backend_service_name  = var.k8s_backend_service_name
-  k8s_backend_service_port  = var.k8s_backend_service_port
-  url_domain_addr           = var.url_domain_addr
-  url_domain_name           = var.url_domain_name
-  members_allowlist         = var.members_allowlist
-  depends_on                = [module.gcs]
+  add_auth                 = var.add_auth
+  brand                    = var.brand
+  support_email            = var.support_email
+  client_id                = var.client_id
+  client_secret            = var.client_secret
+  k8s_ingress_name         = var.k8s_ingress_name
+  k8s_managed_cert_name    = var.k8s_managed_cert_name
+  k8s_iap_secret_name      = var.k8s_iap_secret_name
+  k8s_backend_config_name  = var.k8s_backend_config_name
+  k8s_backend_service_name = var.k8s_backend_service_name
+  k8s_backend_service_port = var.k8s_backend_service_port
+  url_domain_addr          = var.url_domain_addr
+  url_domain_name          = var.url_domain_name
+  members_allowlist        = var.members_allowlist
+  depends_on               = [module.gcs]
 }

applications/jupyter/variables.tf

@@ -63,9 +63,9 @@ variable "k8s_ingress_name" {
 }
 
 variable "k8s_managed_cert_name" {
-  type          = string
-  description   = "Name for frontend managed certificate"
-  default       = "jupyter-managed-cert"
+  type        = string
+  description = "Name for frontend managed certificate"
+  default     = "jupyter-managed-cert"
 }
 
 variable "k8s_iap_secret_name" {
@@ -86,9 +86,9 @@ variable "k8s_backend_service_name" {
 }
 
 variable "k8s_backend_service_port" {
-  type            = number
-  description     = "Name of the Backend Service on GCP"
-  default         = 80
+  type        = number
+  description = "Name of the Backend Service on GCP"
+  default     = 80
 }
 
 variable "brand" {
@@ -112,6 +112,7 @@ variable "url_domain_name" {
 variable "support_email" {
   type        = string
   description = "Email for users to contact with questions about their consent"
+  default     = ""
 }
 
 variable "client_id" {
@@ -128,7 +129,7 @@ variable "client_secret" {
 }
 
 variable "create_gcs_bucket" {
-  type          = bool
-  default       = false
-  description   = "Enable flag to create gcs_bucket"
+  type        = bool
+  default     = false
+  description = "Enable flag to create gcs_bucket"
 }

applications/jupyter/workloads-auto-create-brand.example.tfvars

@@ -26,23 +26,23 @@ cluster_membership_id = "" # required only for private cluster, default: cluster
 #######################################################
 
 ## JupyterHub variables
-namespace                                   = "jupyter"
-create_gcs_bucket                           = true
-gcs_bucket                                  = "<gcs-bucket>"
-workload_identity_service_account           = "jupyter-service-account"
+namespace                         = "jupyter"
+create_gcs_bucket                 = true
+gcs_bucket                        = "<gcs-bucket>"
+workload_identity_service_account = "jupyter-service-account"
 
 # Jupyterhub with IAP
-add_auth                  = true
-brand                     = "" # Leave it empty to auto create
-support_email             = "<email>"
-k8s_ingress_name          = "jupyter-ingress"
-k8s_iap_secret_name       = "jupyter-iap-secret"
-k8s_backend_config_name   = "jupyter-iap-config"
-k8s_backend_service_name  = "proxy-public"
-k8s_backend_service_port  = 80
+add_auth                 = true
+brand                    = "" # Leave it empty to auto create
+support_email            = "<email>"
+k8s_ingress_name         = "jupyter-ingress"
+k8s_iap_secret_name      = "jupyter-iap-secret"
+k8s_backend_config_name  = "jupyter-iap-config"
+k8s_backend_service_name = "proxy-public"
+k8s_backend_service_port = 80
 
-url_domain_addr           = ""
-url_domain_name           = ""
-client_id                 = ""
-client_secret             = ""
-members_allowlist         = ["allAuthenticatedUsers", "user:<email>"]
+url_domain_addr   = ""
+url_domain_name   = ""
+client_id         = ""
+client_secret     = ""
+members_allowlist = ["allAuthenticatedUsers", "user:<email>"]

applications/jupyter/workloads-existing-brand-auto-create-client.example.tfvars

@@ -26,22 +26,22 @@ cluster_membership_id = "" # required only for private cluster, default: cluster
 #######################################################
 
 ## JupyterHub variables
-namespace                                   = "jupyter"
-gcs_bucket                                  = "<gcs-bucket>"
-workload_identity_service_account           = "jupyter-service-account"
+namespace                         = "jupyter"
+gcs_bucket                        = "<gcs-bucket>"
+workload_identity_service_account = "jupyter-service-account"
 
 # Jupyterhub with IAP
-add_auth                  = true
-brand                     = "projects/<prj-number>/brands/<prj-number>" # ensure brand is Internal
-support_email             = "<email>"
-k8s_ingress_name          = "jupyter-ingress"
-k8s_iap_secret_name       = "jupyter-iap-secret"
-k8s_backend_config_name   = "jupyter-iap-config"
-k8s_backend_service_name  = "proxy-public"
-k8s_backend_service_port  = 80
+add_auth                 = true
+brand                    = "projects/<prj-number>/brands/<prj-number>" # ensure brand is Internal
+support_email            = "<email>"
+k8s_ingress_name         = "jupyter-ingress"
+k8s_iap_secret_name      = "jupyter-iap-secret"
+k8s_backend_config_name  = "jupyter-iap-config"
+k8s_backend_service_name = "proxy-public"
+k8s_backend_service_port = 80
 
-url_domain_addr           = ""
-url_domain_name           = ""
-client_id                 = ""
-client_secret             = ""
-members_allowlist         = ["allAuthenticatedUsers", "user:<email>"]
+url_domain_addr   = ""
+url_domain_name   = ""
+client_id         = ""
+client_secret     = ""
+members_allowlist = ["allAuthenticatedUsers", "user:<email>"]

applications/jupyter/workloads-existing-brand-existing-client.example.tfvars

@@ -26,20 +26,20 @@ cluster_membership_id = "" # required only for private cluster, default: cluster
 #######################################################
 
 ## JupyterHub variables
-namespace                                   = "jupyter"
-create_gcs_bucket                           = true
-gcs_bucket                                  = "<gcs-bucket>"
-workload_identity_service_account           = "jupyter-service-account"
+namespace                         = "jupyter"
+create_gcs_bucket                 = true
+gcs_bucket                        = "<gcs-bucket>"
+workload_identity_service_account = "jupyter-service-account"
 
 # Jupyterhub with IAP
-add_auth = true
-brand = "projects/<prj-number>/brands/<prj-number>"
-support_email = "<email>"
-k8s_ingress_name          = "jupyter-ingress"
-k8s_iap_secret_name       = "jupyter-iap-secret"
-k8s_backend_config_name   = "jupyter-iap-config"
-k8s_backend_service_name  = "proxy-public"
-k8s_backend_service_port  = 80
+add_auth                 = true
+brand                    = "projects/<prj-number>/brands/<prj-number>"
+support_email            = "<email>"
+k8s_ingress_name         = "jupyter-ingress"
+k8s_iap_secret_name      = "jupyter-iap-secret"
+k8s_backend_config_name  = "jupyter-iap-config"
+k8s_backend_service_name = "proxy-public"
+k8s_backend_service_port = 80
 
 url_domain_addr   = ""
 url_domain_name   = ""

applications/jupyter/workloads-without-iap.example.tfvars

@@ -26,10 +26,10 @@ cluster_membership_id = "" # required only for private clusters, default: cluste
 #######################################################
 
 ## JupyterHub variables
-namespace                   = "jupyter"
-gcs_bucket                  = "<gcs-bucket>"
-create_service_account      = true
-gcp_and_k8s_service_account = "jupyter-service-account"
+namespace                         = "jupyter"
+gcs_bucket                        = "<gcs-bucket>"
+create_gcs_bucket                 = true
+workload_identity_service_account = "jupyter-service-account"
 
 # Jupyterhub without IAP
-add_auth                  = false
+add_auth = false

applications/jupyter/workloads.tfvars

@@ -26,25 +26,25 @@ cluster_membership_id = "" # required for private cluster, defaults to `cluster_
 #######################################################
 
 ## JupyterHub variables
-namespace                                   = "ml"
-gcs_bucket                                  = "gcs-bucket-dsfhfh"
-create_gcs_bucket                           = true
-workload_identity_service_account           = "jupyter-service-account"
+namespace                         = "ml"
+gcs_bucket                        = "gcs-bucket-dsfhfh"
+create_gcs_bucket                 = true
+workload_identity_service_account = "jupyter-service-account"
 
 # Jupyterhub with IAP
-add_auth                  = false
+add_auth = false
 # TODO make this a bool flag and fetch the project number in tf
-brand                     = "projects/<prj-number>/brands/<prj-number>" # ensure brand is Internal
-support_email             = "<email>"
-k8s_ingress_name          = "jupyter-ingress"
-k8s_managed_cert_name     = "jupyter-managed-cert"
-k8s_iap_secret_name       = "jupyter-iap-secret"
-k8s_backend_config_name   = "jupyter-iap-config"
-k8s_backend_service_name  = "proxy-public"
-k8s_backend_service_port  = 80
+brand                    = "projects/<prj-number>/brands/<prj-number>" # ensure brand is Internal
+support_email            = "<email>"
+k8s_ingress_name         = "jupyter-ingress"
+k8s_managed_cert_name    = "jupyter-managed-cert"
+k8s_iap_secret_name      = "jupyter-iap-secret"
+k8s_backend_config_name  = "jupyter-iap-config"
+k8s_backend_service_name = "proxy-public"
+k8s_backend_service_port = 80
 
-url_domain_addr           = ""
-url_domain_name           = ""
-client_id                 = ""
-client_secret             = ""
-members_allowlist         = ["allAuthenticatedUsers", "user:<email>"]
+url_domain_addr   = ""
+url_domain_name   = ""
+client_id         = ""
+client_secret     = ""
+members_allowlist = ["allAuthenticatedUsers", "user:<email>"]

applications/rag/frontend/main.tf

@@ -36,9 +36,9 @@ locals {
 
 # IAP Section: Enabled the IAP service
 resource "google_project_service" "project_service" {
-  count                      = var.add_auth ? 1 : 0
-  project                    = var.project_id
-  service                    = "iap.googleapis.com"
+  count   = var.add_auth ? 1 : 0
+  project = var.project_id
+  service = "iap.googleapis.com"
 
   disable_dependent_services = false
   disable_on_destroy         = false
@@ -53,23 +53,23 @@ resource "google_iap_client" "iap_oauth_client" {
 
 # IAP Section: Creates the GKE components
 module "iap_auth" {
-  count                     = var.add_auth ? 1 : 0
-  source                    = "../../../modules/iap"
-
-  project_id                         = var.project_id
-  namespace                          = var.namespace
-  frontend_add_auth                  = var.add_auth
-  frontend_k8s_ingress_name          = var.k8s_ingress_name
-  frontend_k8s_managed_cert_name     = var.k8s_managed_cert_name
-  frontend_k8s_iap_secret_name       = var.k8s_iap_secret_name
-  frontend_k8s_backend_config_name   = var.k8s_backend_config_name
-  frontend_k8s_backend_service_name  = var.k8s_backend_service_name
-  frontend_k8s_backend_service_port  = var.k8s_backend_service_port
-  frontend_client_id                 = var.client_id != "" ? var.client_id : google_iap_client.iap_oauth_client[0].client_id
-  frontend_client_secret             = var.client_id != "" ? var.client_secret : google_iap_client.iap_oauth_client[0].secret
-  frontend_url_domain_addr           = var.url_domain_addr
-  frontend_url_domain_name           = var.url_domain_name
-  depends_on                = [
+  count  = var.add_auth ? 1 : 0
+  source = "../../../modules/iap"
+
+  project_id                        = var.project_id
+  namespace                         = var.namespace
+  frontend_add_auth                 = var.add_auth
+  frontend_k8s_ingress_name         = var.k8s_ingress_name
+  frontend_k8s_managed_cert_name    = var.k8s_managed_cert_name
+  frontend_k8s_iap_secret_name      = var.k8s_iap_secret_name
+  frontend_k8s_backend_config_name  = var.k8s_backend_config_name
+  frontend_k8s_backend_service_name = var.k8s_backend_service_name
+  frontend_k8s_backend_service_port = var.k8s_backend_service_port
+  frontend_client_id                = var.client_id != "" ? var.client_id : google_iap_client.iap_oauth_client[0].client_id
+  frontend_client_secret            = var.client_id != "" ? var.client_secret : google_iap_client.iap_oauth_client[0].secret
+  frontend_url_domain_addr          = var.url_domain_addr
+  frontend_url_domain_name          = var.url_domain_name
+  depends_on = [
     google_project_service.project_service,
     kubernetes_service.rag_frontend_service
   ]

applications/rag/frontend/variables.tf

@@ -65,7 +65,7 @@ variable "create_service_account" {
 variable "google_service_account" {
   type        = string
   description = "Google Service Account name"
-  default = "frontend-gcp-sa"
+  default     = "frontend-gcp-sa"
 }
 
 variable "add_auth" {
@@ -80,9 +80,9 @@ variable "k8s_ingress_name" {
 }
 
 variable "k8s_managed_cert_name" {
-  type          = string
-  description   = "Name for frontend managed certificate"
-  default       = "frontend-managed-cert"
+  type        = string
+  description = "Name for frontend managed certificate"
+  default     = "frontend-managed-cert"
 }
 
 variable "k8s_iap_secret_name" {
@@ -127,9 +127,9 @@ variable "url_domain_name" {
 }
 
 variable "support_email" {
-  type            = string
-  description     = "Email for users to contact with questions about their consent"
-  default         = "<email>"
+  type        = string
+  description = "Email for users to contact with questions about their consent"
+  default     = "<email>"
 }
 
 variable "client_id" {